Cisco introduces CCIE Security 400-251 V5.0 Written and Lab Exam

Cisco introduces CCIE Security 400-251 V5.0 Written and Lab Exam


Cisco just published yet another update to CCIE Security Written and lab exams dubbed as Exam 400-251 (v5.0). It is quiet interesting to see another update rolling out on the back of an older one (350-018 V4.1) which took effect from July 25th 2016! Yet another interesting thing to see is v5.0 also implies changes to Cisco Security Lab exam as well.

Nonetheless, I am excited to see that Cisco is aggressively updating the exam blueprint to keep pace with the changes taking place in the security and networking industries. As I scanned through the changes in the official Cisco announcement, I noticed the following key areas that are worth noting.

  • As we know, Cisco is an acquisition machine and recently snapped up Lancope (NBA/NetFlow), OpenDNS (cloud-delivered security), and SourceFire (FirePower product line) security companies. Both newly acquired and organically built (ex. ACI)products and solutions are now part of the new CCIE Security blueprint (v5.0)
  • Overall exam blueprint now seems more consolidated (8 versus 6 exam sections)
  • Identity Management, Information Exchange, and Access Control is the largest content contributor to the exam now (22% and 24% of the written and lab exams respectively)
  • Security infrastructure products for perimeter security and intrusion prevention is the second largest content area when it comes written and lab exam content (21% and 23% of the written and lab exams respectively)
  • It seems finally all of the VPN content is now consolidated into Secure Connectivity and Segmentation area (17% and 19% of the written and lab exams respectively)
  • Infrastructure Security, Virtualization, and Automation now includes Cisco ACI and virtualized security domain
  • There is no change to Evolving Technologies section across v4.1 and v5.0 exam blueprint. It continues to include SDN, Cloud and Internet of Things (IoT)
  • Last but not least, Cisco also seems to be stepping up on transparency around the CCIE exam content with a lot of details for each section.
CCIE Security V5.0 (takes effect on Jan 31 2017)Domain DescriptionWritten Exam %
Perimeter Security and Intrusion PreventionCisco FirePOWER, Cisco ASA, Cisco IOS ZBFW, DDoS Mitigation21%
Advanced Threat Protection and Content SecurityAMP Solutions and Security Protocols17%
Secure Connectivity and SegmentationIKE/IPSec, TrustSec, GETVPN, DMVPN, FlexVPN, Security protocols and algorithms17%
Identity Management, Information Exchange, and Access ControlISE, RADIUS/TACACS+, WLAN Security and Protocols22%
Infrastructure Security, Virtualization, and AutomationAttacks, Cisco ACI, standard bodies, Cisco DNA/SAFE, NetFlow, ACLs etc.13%
Evolving TechnologiesCloud, SDN, IoT10%

Do you believe that Cisco got the exam blueprint changes right? Share your take with us in the comments.

For more details, you can refer to the official Cisco announcement here.

Share this post

*** CCIE Written Practice Quizzes Last Updated: June 18, 2017 *** Dismiss

United States (US)